Security News, Articles and Updates

Fighting cyberthreats through automation

A manual approach to cyber-defence is no longer sufficient. When technology controls work together and can communicate, IT can let the technology start to make some automated decisions for you explains Steve Mulhearn.

Securing the vulnerabilities of remotely working

CIOs and security professionals need to ensure that company security policies are established and enforced, whether employees access company sensitive data from home offices, public Wi-Fi networks or hotels says Gerald Beuchelt.

Rémy Cointreau Case Study - connecting a global workforce to the cloud

Rémy Cointreau faced a challenge to create a more agile organisation through its IT infrastructure, providing employees with the ability to securely access applications from any device at any time and from anywhere.

How secure are you? And are your current tools up to the job?

Con Mallon advises, conduct a compromise assessment based on the assumption that you've already been compromised, then pick the right tools, processes, technology and intelligence to combat that threat.

Microsoft adds ransomware defence with new Windows update

Microsoft is claiming that the latest version of Windows 10, the Fall Creator's Update, is the most secure version of the operating system yet released.

News Feature: Google Security interview "human solutions - the way to go."

Google has launched of a range of personal and corporate security enhancements (below) this month. Google security expert Allison Miller, spoke to SC about the organisation's approach to security and privacy concerns.

Collaboration is the key to driving IoT security innovation

Innovation in the IoT may be rapid, but security trails far behind. Nick Cook looks at why securing the IoT must be a priority, not an afterthought, and how collaborative action is fundamental to ensuring its successful future.

Apple iOS 11 makes it harder for law enforcement to access data

Apple is doubling down on its privacy beliefs with the latest iOS 11 which will reportedly add at least two new features designed to safeguard its owners' privacy.

The Chief Data Officer: the new C-level upstart

Bryan Lillie discusses how the role of the chief data officer will evolve over the coming years and how he believes that it will eventually eclipse the role of the chief technology officer.

eBay asking users to switch from keyfob to SMS 2fa

The move has proven as a controversial one, after NIST ruled SMS two-factor authentication as no longer secure enough.

Fear & loathing of firewall & SIEM log savers. Don't save everything

Mark Kedgley discusses the importance of logging firewalls to meet mandatory compliance needs and keep auditors happy while avoiding wasting precious IT investment in storage and SIEM performance.

Modernising your cyber-security approach - a panel discussion

A panel of experts comprising Adam Montville, David Froud and Mark Kedgley collaborated on a variety of cyber-security issues at a roundtable discussion.

Researchers find 132 apps on Play Store infected with iFrame malware

According to the researchers, the apps were infected with "tiny hidden iFrames that link to malicious domains in their local HTML pages".

Free online course offers online privacy and cyber-security advice

A free cyber-security course being offered by Newcastle University's School of Computing Science is one of the latest ways to protect online privacy.

New bill to allow prisons to deploy IMSI catchers outside of prisons

Use of fake base stations is currently limited to within prison walls, and normally commissioned by the prison governor.

Google Project Zero notifies Microsoft as another bug found but not patched

Is the Google team of security researchers once again teetering on the edge of responsible and irresponsible disclosure?

Only 4% of cyber-pros are happy with their cyber-security investments

Nearly 80 percent of cyber-professionals say enterprises must understand the behaviours of people as they interact with intellectual property (IP) and other critical business data, but only 32 percent are able to do so effectively.

How eCommerce can protect themselves and customers from hacks

David Midgley discusses what ecommerce sites need to do to protect themselves from a hack or why banks should start accepting digital currency deposits.

The right way to respond to cyber-security threats is to be proactive

Gavin Russell discusses why having a defined a cyber-response process is important, and why it should be pro-active, covering all likely outcomes.

As CISOs look for more clarity in the noise, is the cloud the answer?

Despite its security issues, security vendors appear to be migrating security tools to the cloud to provide the answer to CISOs wanting a clearer approach to quicker threat detection and prevention.

Product Spotlight: Skybox Security Suite - 1st Nov 2016

Skybox Security Suite is many things besides vulnerability management and, perhaps, that is a major strength. Many of the modules interact in such a manner that the overall management of vulnerabilities - particularly analytics - is enhanced significantly.

Product Spotlight: Skybox Security Suite - 1st June 2016

We have watched these folks almost from their inception and we always have been impressed. Their mission is a rather grand one: manage the security on the enterprise's entire threat surface.

Attention to cyber-security is becoming daily routine in the C-suite

While far-reaching and diverse, the underlying causes of security risks are amenable to collective action.

Understanding the social engineer

Social engineering was the most popular attack technique last year, and James Maude believes this may continue if businesses don't get the basics of prevention and education right.

Shift Left - how to improve security in your developers' code - do it earlier

The simple premise behind last week's Shift Left conference, organised by CheckMarx, was to do security early and throughout code development, and empower developers.

Your security solutions not keeping you safe enough?

Noam Rosenfeld offers six Cs for deploying the right detection and says response technology is the next logical step.

Automotive Cyber-crime: What can we learn from the media industry?

As the automative industry prepares for increased use of connected cars, Mark Mulready considers how it might learn from the Pay-TV industry's experience preventing pirates stealing company IP from consumer-owned devices.

Symantec caught issuing illegal certificates for second time in two years

Symantec improperly issued 108 invalidated transport layer security certificates.

UK cyber-security inquiry to launch following US election hacks

The UK government will be launching a national inquiry on cyber-security to assess the extent to which Britain is protected from the growth in attacks worldwide.